#!/bin/sh /etc/rc.common
#
# Copyright (C) 2008 Eric Bishop <eric@gargoyle-router.com>
#
START=51


bin="httpd_gargoyle"
run_dir="/var/run"
pid_http="$run_dir/$bin-http.pid"
pid_https="$run_dir/$bin-https.pid"
cgi_pattern="cgi-bin/**|**.sh|**.cgi|**.csv"
user="root"
cert_file="/etc/$bin.pem"

start() 
{

	# kill httpd if for some reason it hasn't been disabled
	# postinst should have stopped and disabled it, but let's be doubly sure
	rc_httpd=$(ls /etc/rc.d/*httpd 2>/dev/null)
	if [ -n "$rc_httpd" ] ; then
		/etc/init.d/httpd stop 2>/dev/null
		/etc/init.d/httpd disable 2>/dev/null
	fi

	# Generate /etc/httpd_gargoyle.password from root password
	pass_str=""
	if [ -e /etc/shadow ] ; then
		pass_str=$(awk 'BEGIN {FS=":"} $0~/^root\:/ { print $2 }' /etc/shadow 2>/dev/null )
	else
		pass_str=$(awk 'BEGIN {FS=":"} $0~/^root\:/ { print $2 }' /etc/passwd 2>/dev/null )
	fi
	tmp_path="/tmp/httpd_gargoyle.password" 
	real_path="/etc/httpd_gargoyle.password" 
	echo "admin:$pass_str" >  "$tmp_path"
	echo "root:$pass_str"  >> "$tmp_path"
	if [ -e "$real_path" ] ; then
		old_md5=$(md5sum "$real_path")
		old_md5=${old_md5% *}
		new_md5=$(md5sum "$tmp_path")
		new_md5=${new_md5% *}
		if [ "$old_md5" = "$new_md5" ] ; then
			rm "$tmp_path" 2>/dev/null
		else
			mv "$tmp_path" "$real_path"  2>/dev/null
		fi
	else
		mv "$tmp_path" "$real_path"  2>/dev/null
	fi

	#load config options 
	config_load "httpd_gargoyle"

	config_get web_protocol "server" web_protocol
	config_get http_port "server" http_port
	config_get https_port "server" https_port
	config_get web_root "server" web_root
	config_get default_page_file "server" default_page_file
	config_get default_realm_name "server" default_realm_name
	config_get default_realm_password_file "server" default_realm_password_file
	config_get no_password "server" no_password
	config_get page_not_found_file "server" page_not_found_file

	if [ -z "$web_protocol" ] ; then web_protocol="https" ; fi
	if [ -z "$http_port" ] ; then http_port=80 ; fi
	if [ -z "$https_port" ] ; then https_port=443 ; fi
	if [ -z "$web_root" ] ; then web_root="/www" ; fi
	if [ -z "$default_page_file" ] ; then default_page_file="index.html" ; fi
	if [ -z "$default_realm_name" ] ; then default_realm_name="Router" ; fi
	if [ -z "$default_realm_password_file" ] ; then default_realm_password_file="/etc/httpd_gargoyle.password" ; fi
	if [ -z "$page_not_found_file" ] ; then page_not_found_file="404.html" ; fi


	if ! [ -d "$run_dir" ] ; then
	       	mkdir -p "$run_dir" 2>/dev/null
	fi
	if ! [ -d "$web_root" ] ; then
		mkdir -p "$web_root" 2>/dev/null
	fi


	## start with both ssl and non-ssl ports
	if [ "$web_protocol" = "both" ] ; then
		if [ -n "$no_password" ] ; then
			$bin -c "$cgi_pattern" -d "$web_root" -u "$user" -p "$http_port" -S -E "$cert_file" -SP $https_port -i "$pid_https" -ADL 0 -DPF "$default_page_file" -PNF "$page_not_found_file" 2>/dev/null
		else
			$bin -c "$cgi_pattern" -d "$web_root" -u "$user" -p "$http_port" -S -E "$cert_file" -SP $https_port -i "$pid_https" -ADL 0 -DPF "$default_page_file" -DRN "$default_realm_name" -DRP "$default_realm_password_file" -PNF "$page_not_found_file"  2>/dev/null
		fi	
	fi


	## start with ssl
	if [ "$web_protocol" = "https" ] ; then
		if [ -n "$no_password" ] ; then
			$bin -c "$cgi_pattern" -d "$web_root" -u "$user" -p "$https_port" -S -E "$cert_file" -i "$pid_https" -ADL 0 -DPF "$default_page_file" -PNF "$page_not_found_file"  2>/dev/null
		else
			$bin -c "$cgi_pattern" -d "$web_root" -u "$user" -p "$https_port" -S -E "$cert_file" -i "$pid_https" -ADL 0 -DPF "$default_page_file" -DRN "$default_realm_name" -DRP "$default_realm_password_file" -PNF "$page_not_found_file"  2>/dev/null
		fi
	fi

	## start without ssl
	if [ "$web_protocol" = "http" ]  ; then
		if [ -n "$no_password" ] ; then
			$bin  -c "$cgi_pattern" -d "$web_root" -u "$user" -p "$http_port" -i "$pid_http" -ADL 0 -DPF "$default_page_file" -PNF "$page_not_found_file"  2>/dev/null

		else
			$bin  -c "$cgi_pattern" -d "$web_root" -u "$user" -p "$http_port" -i "$pid_http" -ADL 0 -DPF "$default_page_file" -DRN "$default_realm_name" -DRP "$default_realm_password_file" -PNF "$page_not_found_file"  2>/dev/null
		fi
	fi
}	

stop()
{
	if [ -f "$pid_http" ] ; then
		kill "$(cat $pid_http)" 2>/dev/null
	fi

	if [ -f "$pid_https" ] ; then
		kill "$(cat $pid_https)" 2>/dev/null
	fi
}

